Sample code for 30+ languages & platforms
PureBasic

BIP39 Compute Binary Seed from Mnemonic

See more Encryption Examples

Creates a binary seed from a mnemonic. Uses the PBKDF2 function with a mnemonic sentence (in UTF-8 NFKD) used as the password and the string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt. The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function. The length of the derived key is 512 bits (= 64 bytes).

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkCrypt2.pb"
IncludeFile "CkBinData.pb"

Procedure ChilkatExample()

    ; This example assumes the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    crypt.i = CkCrypt2::ckCreate()
    If crypt.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Test with the test vectors at https://github.com/trezor/python-mnemonic/blob/master/vectors.json

    ; This is the 2nd test vector..
    mnemonic.s = "legal winner thank year wave sausage worth useful legal winner thank yellow"
    passphrase.s = "TREZOR"
    expectedSeed.s = "2e8905819b8723fe2c1d161860e5ee1830318dbf49a83bd451cfb8440c28bd6fa457fe1296106559a3c80937a1c1069be3a3a5bd381ee6260e8d9739fce1f607"
    expectedMasterKey.s = "xprv9s21ZrQH143K2gA81bYFHqU68xz1cX2APaSq5tt6MFSLeXnCKV1RVUJt9FWNTbrrryem4ZckN8k4Ls1H6nwdvDTvnV7zEXs2HgPezuVccsq"

    ; The mnemonic sentence (in UTF-8 NFKD) used as the password.
    ; The string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt.
    ; The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function.
    ; The length of the derived key is 512 bits (= 64 bytes). 

    ; We want the computed seed to be lowercase hex, therefore our salt must also be hex.
    ; The seed is the keyword "mnemonic" + passphrase (in this case is "TREZOR") converted to hex.
    bdSalt.i = CkBinData::ckCreate()
    If bdSalt.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkBinData::ckAppendString(bdSalt,"mnemonic","utf-8")
    CkBinData::ckAppendString(bdSalt,passphrase,"utf-8")

    computedSeed.s = CkCrypt2::ckPbkdf2(crypt,mnemonic,"utf-8","sha512",CkBinData::ckGetEncoded(bdSalt,"hex_lower"),2048,512,"hex_lower")

    Debug "Expected: " + expectedSeed
    Debug "Computed: " + computedSeed

    ; To compute the hd_master_key, duplicate this Python code:

    ;     def to_hd_master_key(seed: bytes, testnet: bool = False) -> str:
    ;         if len(seed) != 64:
    ;             raise ValueError("Provided seed should have length of 64")
    ; 
    ;         # Compute HMAC-SHA512 of seed
    ;         seed = hmac.new(b"Bitcoin seed", seed, digestmod=hashlib.sha512).digest()
    ; 
    ;         # Serialization format can be found at: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#Serialization_format
    ;         xprv = b"\x04\x88\xad\xe4"  # Version for private mainnet
    ;         if testnet:
    ;             xprv = b"\x04\x35\x83\x94"  # Version for private testnet
    ;         xprv += b"\x00" * 9  # Depth, parent fingerprint, and child number
    ;         xprv += seed[32:]  # Chain code
    ;         xprv += b"\x00" + seed[:32]  # Master key
    ; 
    ;         # Double hash using SHA256
    ;         hashed_xprv = hashlib.sha256(xprv).digest()
    ;         hashed_xprv = hashlib.sha256(hashed_xprv).digest()
    ; 
    ;         # Append 4 bytes of checksum
    ;         xprv += hashed_xprv[:4]
    ; 
    ;         # Return base58
    ;         return b58encode(xprv)

    ; First compute the HMAC-SHA512 of the computedSeed
    bdSeed.i = CkBinData::ckCreate()
    If bdSeed.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkBinData::ckAppendEncoded(bdSeed,computedSeed,"hex_lower")
    CkCrypt2::setCkEncodingMode(crypt, "hex_lower")
    CkCrypt2::setCkHashAlgorithm(crypt, "sha512")
    CkCrypt2::ckSetMacKeyString(crypt,"Bitcoin seed")
    hmacSha512_hex.s = CkCrypt2::ckMacBdENC(crypt,bdSeed)

    bdHmac.i = CkBinData::ckCreate()
    If bdHmac.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkBinData::ckAppendEncoded(bdHmac,hmacSha512_hex,"hex_lower")

    bdXprv.i = CkBinData::ckCreate()
    If bdXprv.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkBinData::ckAppendEncoded(bdXprv,"0488ade4","hex_lower")
    CkBinData::ckAppendEncoded(bdXprv,"000000000000000000","hex_lower")
    CkBinData::ckAppendEncoded(bdXprv,CkBinData::ckGetEncodedChunk(bdHmac,32,32,"hex_lower"),"hex_lower")
    CkBinData::ckAppendByte(bdXprv,0)
    CkBinData::ckAppendEncoded(bdXprv,CkBinData::ckGetEncodedChunk(bdHmac,0,32,"hex_lower"),"hex_lower")

    ; Double hash using SHA256
    CkCrypt2::setCkEncodingMode(crypt, "hex_lower")
    CkCrypt2::setCkHashAlgorithm(crypt, "sha256")

    bdHash.i = CkBinData::ckCreate()
    If bdHash.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkBinData::ckAppendEncoded(bdHash,CkCrypt2::ckHashBdENC(crypt,bdXprv),"hex_lower")
    secondHash.s = CkCrypt2::ckHashBdENC(crypt,bdHash)
    CkBinData::ckClear(bdHash)
    CkBinData::ckAppendEncoded(bdHash,secondHash,"hex_lower")

    ; Append the 1st 4 bytes of the bdHash to bdXprv.
    CkBinData::ckAppendEncoded(bdXprv,CkBinData::ckGetEncodedChunk(bdHash,0,4,"hex_lower"),"hex_lower")

    ; Base58 encode bdXprv
    computedMasterKey.s = CkBinData::ckGetEncoded(bdXprv,"base58")

    Debug "Expected Master Key: " + expectedMasterKey
    Debug "Computed Master Key: " + computedMasterKey


    CkCrypt2::ckDispose(crypt)
    CkBinData::ckDispose(bdSalt)
    CkBinData::ckDispose(bdSeed)
    CkBinData::ckDispose(bdHmac)
    CkBinData::ckDispose(bdXprv)
    CkBinData::ckDispose(bdHash)


    ProcedureReturn
EndProcedure